Search squid archive

Re: wccp transparent proxy; returned spoofed packets are dropped!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tony Dodd wrote:
> Daniel Rose wrote:
>> SQUID (linux kernel 2.6.18.xxx) Sends a spoofed ACK 'from' WWWHOST to
>> CLIENT.
>>
>> The spoofed ACK never arrives at the CLIENT.  CLIENT just sends 3 SYNs
>> and times out.  I assume it's dropped by the firewall, but I can't get
>> 'debug ip packet' or similar commands to work on the ASA 5520 to
>> verify this, but it's pretty clear since it never arrives on the
>> client (I used wireshark).
>>
> 
> Have you tried turning up the logging level and seeing what the asa is
> doing?  My money is on it dropping your packets.
> 

Confirmed by your logging suggestion.  



-- 
Daniel Rose
National Library of Australia

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux